diff --git a/Dockerfile b/Dockerfile index 696efbe51..96a8b8a7d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -24,4 +24,11 @@ COPY --from=build-env /app /app WORKDIR /app/server -CMD ["pnpm", "start:dist"] +RUN BUILD_TIMESTAMP=$(date +'%a %d.%m.%Y %H:%M') && \ + echo "Build Timestamp during build: $BUILD_TIMESTAMP" && \ + echo "BUILD_TIMESTAMP=\"$BUILD_TIMESTAMP\"" > /app/server/.build_env + +RUN echo "source /app/server/.build_env" >> /etc/profile + +CMD ["/bin/sh", "-c", "source /app/server/.build_env && pnpm start:dist -- \"$BUILD_TIMESTAMP\""] + \ No newline at end of file diff --git a/Dockerfile.cached b/Dockerfile.cached index 7f4341d5b..203b989ff 100644 --- a/Dockerfile.cached +++ b/Dockerfile.cached @@ -20,4 +20,11 @@ COPY --from=build-env /app/server/secret /app/server/secret COPY --from=build-env /app/server/package.json /app/server/package.json WORKDIR /app/server -CMD ["pnpm", "start:dist"] + +RUN BUILD_TIMESTAMP=$(date +'%a %d.%m.%Y %H:%M') && \ + echo "Build Timestamp during build: $BUILD_TIMESTAMP" && \ + echo "BUILD_TIMESTAMP=\"$BUILD_TIMESTAMP\"" > /app/server/.build_env + +RUN echo "source /app/server/.build_env" >> /etc/profile + +CMD ["/bin/sh", "-c", "source /app/server/.build_env && pnpm start:dist -- \"$BUILD_TIMESTAMP\""] diff --git a/packages/server/src/common/auth.ts b/packages/server/src/common/auth.ts index fe63161e2..d5c30b3a4 100644 --- a/packages/server/src/common/auth.ts +++ b/packages/server/src/common/auth.ts @@ -46,6 +46,15 @@ export function checkPassword( const defaultJwtAlgo = "HS256"; +let secret = (process.env.SECRET as string) || ""; +if (process.argv.length > 3) { + secret += process.argv[3]; +} else if (process.env.BUILD_TIMESTAMP) { + secret += process.env.BUILD_TIMESTAMP; +} + +console.log(`SECRET set to ${secret}`); + /** * Function thats creates signed jwt token for user * @param user @@ -58,7 +67,7 @@ export function generateAccessToken(user: IUser, expDays = 30): string { user, exp: Math.floor(Date.now() / 1000) + 86400 * expDays, }, - process.env.SECRET as string, + secret, { algorithm: defaultJwtAlgo, } @@ -72,11 +81,11 @@ export function generateAccessToken(user: IUser, expDays = 30): string { */ export function validateJwt() { return expressjwt({ - secret: process.env.SECRET || "", + secret: secret, algorithms: [defaultJwtAlgo], requestProperty: "user", isRevoked: async (req, tokenn) => { - return false + return false; }, getToken: (req: Request): string | Promise | undefined => { if ( diff --git a/packages/server/src/settings.ts b/packages/server/src/settings.ts index 76200c7ce..f3196eb1f 100644 --- a/packages/server/src/settings.ts +++ b/packages/server/src/settings.ts @@ -1,4 +1,13 @@ import dotenv from "dotenv"; +const fs = require("fs"); +const path = require("path"); + +// try the build env vars first +console.log( + dotenv.config({ + path: `.build_env`, + }) +); // will load .env.${ENV_FILE} if set if (process.env.ENV_FILE) {